- He masterminded an operation targeting user accounts with a cloud services provider
- He perpetrated brute force attacks against more than 1,500 accounts
- Ultimately, the hacker mined crypto worth over $2 million
Europol and the Ukrainian National Police have arrested an individual believed to be behind a $2 million crypto mining scheme, Security Week reported.
The suspect, who has not been named, is 29 years old and living in Mykolaiv, Ukraine. He is thought to have masterminded an operation targeting user accounts with a cloud services provider.
In January last year, a cloud provider reportedly approached Europol with information regarding user accounts that had been compromised. After Europol shared the information with the Ukrainian authorities, the latter launched an investigation.
He hacked thousands of accounts via a million computers
The so-called “cryptojacking” operation started in 2021. The suspect targeted the servers of a leading ecommerce enterprise and perpetrated brute force attacks against more than 1,500 user accounts, Ukrainian authorities noted.
Then, he gained control and infiltrated the ecommerce platform with cryptocurrency mining malware. Authorities added that he ran the malware using more than one million virtual computers, which he created.
A massive operation
He’s believed to have mined crypto worth over $2 million over the course of the massive cryptojacking operation. The Ukrainian police confiscated bank cards, SIM cards, and other items in the process of searching three properties. They are currently looking into the suspect’s possible association with Russian hackers and working on identifying his likely accomplices.
Europol concluded that criminals avoid paying for power and servers by stealing cloud resources to mine crypto. The price of the former tends to be higher than the potential profits. The victims of their operations are left with huge cloud bills.
Why are cloud servers vulnerable to hacking?
Cloud servers provide exorbitant computing power, which is why malicious entities are known to target them for cryptojacking operations. In 2023, SentinelOne and Aqua Security studied a TeamTNT cryptojacking campaign that covered Google Cloud, Microsoft Azure, and Amazon Web Services (AWS).
Contributors
